Loading ...
Sorry, an error occurred while loading the content.

Re: Redirect mails to virtual address

Expand Messages
  • Thomas Berger
    Thanks for the replies. I forgotten some details in my last mail: Our current configuration looks like this: [outter-postfix] (MX, Spamfilter, virus scanner
    Message 1 of 4 , May 31, 2011
      Thanks for the replies.

      I forgotten some details in my last mail:

      Our current configuration looks like this:
      [outter-postfix] (MX, Spamfilter, virus scanner ...) <=> [inner-postfix] (expands the virtual recipients, delivers mails to different internel MTA's) <=> Exchange Server (holds the user mailboxes)

      Am Dienstag, 31. Mai 2011, 16:15:38 schrieb /dev/rob0:
      > The "right" solution is to have the recipient address checking
      > process also check for the "full mailbox" condition, or better yet,
      > use a check_recipient_access lookup which returns a proper reject
      > message for these full mailboxes.

      We could not figure out right now how to do that with an Exchange Server as mailstorage.
      Maybe someone on this list knows how to setup this correct?

      > > Now we want to redirect Bounces, send to an external system to one
      > > of our virtual users.
      > This is broken. Although you're rightly thinking about minimizing
      > backscatter, you may be causing loss of real mail.

      As we only redirect the mails and don't drop them, and thats only effects outgoing mail, we would never loose some real mails.

      > Please note that what is needed is "postconf -n". It's possible that
      > I missed something relevant in all of that, which I did not attempt
      > to read.

      Done, i have attached a new output to this mail.

      > So I guess you are saying it is a virtual ALIAS. Here it failed to be
      > delivered as a virtual MAILBOX. If you have receive_override_options
      > set with no_address_mappings, you can't deliver to a virtual alias at
      > this point.

      We don't have this set anywhere, there are no override options, we use virtual aliases here since a few years, without any problem.

      > > As we have only virtual domains on this
      > > mailsystem, there is no way to send to a local user.
      > > receive_override_options =
      > > smtpd_client_restrictions = permit_mynetworks,
      > > permit_sasl_authenticated, reject
      > (This is not suitable for a MX host.)
      This is not an MX host, this is just an internal relay.

      > > smtpd_data_restrictions =
      > > smtpd_helo_restrictions =
      > > smtpd_recipient_restrictions = check_sender_access
      > > hash:/etc/postfix/check_bounce_sender, permit_mynetworks,
      > > permit_sasl_authenticated, reject_unauth_destination
      > > smtpd_sender_restrictions = mysql:/etc/postfix/mysql-sender_restrictions.cf
      > No check_recipient_access lookup exists in the above.

      Here the relevant parts from the config and the maps:
      smtpd_restriction_classes =
      check_recipient_access pcre:/etc/postfix/bounce_recipients
      smtpd_recipient_restrictions =
      check_sender_access hash:/etc/postfix/check_bounce_sender

      <> check_bounce_recipient
      MAILER-DAEMON@ check_bounce_recipient

      /(^|\.)boreus\.de$/ DUNNO
      /./ REDIRECT postmaster@...

      > What you are telling us is that virtual_alias_maps were not checked,
      > but no evidence to that effect was shown.

      ~ # postmap -q postmaster@... mysql:/etc/postfix/mysql-virtual.cf

      > > virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
      > boreus.de is found here, in virtual_mailbox_domains
      > > virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
      > postmaster@... is NOT found here.
      Thats right, as not every virtual user is in the same system. We have a few system accounts, used for bounce back mgmt and more, but thats a rare case.

      > Go back to the right solution, above. Figure out a way to check for
      > and populate a list of addresses with "full" mailboxes. Then consult
      > that list as a check_recipient_access lookup.

      As we didn't found any informations about doing that in the exchange docs or on the net, that seems impossible at the moment :(
    Your message has been successfully submitted and would be delivered to recipients shortly.